CVE-2020-14168

Summary

The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Server and Data Centerunspecified < 7.13.16affected
AtlassianJira Server and Data Center8.5.0 < unspecifiedaffected
AtlassianJira Server and Data Centerunspecified < 8.5.7affected
AtlassianJira Server and Data Center8.8.0 < unspecifiedaffected
AtlassianJira Server and Data Centerunspecified < 8.8.2affected
AtlassianJira Server and Data Center8.9.0 < unspecifiedaffected
AtlassianJira Server and Data Centerunspecified < 8.9.1affected

Weaknesses

  • Man-in-the-Middle (MitM)

ADP Enrichment

CVE Program Container

Additional References

References